package com.suse.jd_system_server.utils;


import com.suse.jd_system_server.filter.JwtAuthenticationTokenFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

//@Configuration  //EnableGlobalMethodSecurity注解包含Configuration注解
@EnableGlobalMethodSecurity(prePostEnabled = true)//开启全局方法安全
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;

    @Autowired
    private loginHandler loginHandler;

    @Autowired
    private MyAccessDeniedHandler myAccessDeniedHandler;

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new MyPasswordEncoder();
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }


    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().authorizeRequests()
                .antMatchers("/General/login", "/General/register",
                        "/HotelPage/selectHotelList", "/map/getHotels", "/map/getHotels",
                        "/map/guide", "/map/getHotel", "/map/getAddr", "/General/selectProvince", "/General/selectCity"
                )
                .permitAll()
                .anyRequest().authenticated();
        http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
        http.exceptionHandling().authenticationEntryPoint(loginHandler);//.accessDeniedHandler(myAccessDeniedHandler)
        http.cors();
//        http.formLogin()
//                .successHandler(appAutheticationSuccessHandler)//登录成功处理器 可以用匿名实现类/lamda表达式实现接口的方法
//                .failureHandler(appAutheticationFailHandler)//登录失败处理器

//                .permitAll();
//        http.exceptionHandling().accessDeniedHandler(appAccessDenyHanlder);//配置访问拒绝处理器

    }
}
